Tracking Data Through your Internal Audit Process
It doesn’t matter if you’re the biggest credit union in the world, or if you’re small but mighty: you’ll have to do an internal audit. During your internal audit process, one of your biggest keys to success is tracking your data.

Just as with any audit, let’s start this off with a deep breath. Ready? Okay.

NCUA Rules and Regulations

Unfortunately, we can’t be the best source of NCUA rules and regulations. This document may well be out of date in a couple years, so as much as anything, we’re covering all our bases here.

But it’s telling that we can’t allow a static document to claim complete knowledge of NCUA rules and regulations—the fact is, they change quite often. As new technologies, new practices, and above all, new risks make their way into modern credit union operations, new NCUA regulations are sure to follow.

What we can say for certain is that demonstrating compliance with NCUA rules and regulations is a must. Your credit union’s internal audit process must take new standards into consideration. Failure to do so may result in time-consuming follow-up questions, costly or lengthy remediation, and possible regulatory action.

Documentation in your Internal Audit Process

Your credit union’s internal audit process will require strong communication between many different pillars of business. Your team will want to keep track of what every member is doing in real time,

Traditional means of communication such as email can work, but there are a few pitfalls to be aware of. First of all, including email in your internal audit process means that it’s considered part of your auditing tools and procedure. As such, your email is open to legal discovery in the case that your examiners find something questionable. While the chances that your emails actually contain anything incriminating is beside the point—if the political scene of the last several years has taught us everything, it’s taught us that chasing down emails is stressful, costly, time-consuming, and confusing.

Second, email has a nasty habit of being ignorable. Just like your check engine light and texts from your weird aunt, email—even when it’s marked urgent—can quickly slide down your priority list. It’s not that email remains unopened for weeks; rather, it can stay unopened just long enough to miss critical internal audit process details. In a fast-moving audit, that may mean only a few hours.

To better communicate and keep track of what everyone’s doing during your internal audit process, you may want to reconsider using email or other traditional means of communication (text message, carrier pigeon, smoke signals, etc.).

Staying on Top of Things

Aside from communication, there remains other critical data to keep track of during your internal audit procedure. This data includes tasks assigned to various team members, due dates, documents and examination answers, and full documentation.

While you’re busy trying to adhere to NCUA rules and regulations to ensure that you’re adequately managing risk, you may inadvertently increase your risk by including too many platforms that don’t collaborate in real time.

Using email, spreadsheets, various file structures, and the occasional sticky note to keep track of your audit, you risk letting things fall through the cracks. Missing an item, or worse, providing different or conflicting answers to a question could mean the difference between success and failure in your internal audit process.

audit checklist

FREE: Audit Checklist for Credit Unions

4 key principles and 9 questions to jumpstart your audit planning. From leading credit unions.

Data Management Tools

It’s increasingly important to manage projects in real time. With more people involved, more documents, more due dates, ongoing communication, and more NCUA regulations to consider in your internal audit process, you have your hands full.

For many credit unions, especially smaller ones who are audited less often or who feel comfortable using several different tools to do one job, spreadsheets and email may be sufficient to track your data. For larger or more frequently-audited credit unions, the likelihood that you’ll lose track of critical data increases dramatically.

If you would like to learn about how to best prepare for your internal audit, then these articles may be for you:

How to Mitigate Credit Union Risks During Your Internal Audit
Are You Ready for Your Internal Audit?
Posted in:

Written By Brad Powell

Brad Powell runs Redboard, a company that helps credit unions better respond to regulatory examinations. He has 20 years of experience developing technology for credit unions and financial services companies.
icon linkedin icon twitter